[2111] in bugtraq
Re: BUGTRAQ ALERT: Solaris 2.x vulnerability
daemon@ATHENA.MIT.EDU (Dan Cross)
Wed Aug 16 12:20:31 1995
Date: Wed, 16 Aug 1995 08:14:24 -0400
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Dan Cross <cross@math.psu.edu>
X-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
In-Reply-To: Your message of "Tue, 15 Aug 1995 21:58:33 BST."
<9508152058.AA04285@zeus.london.micrognosis.com>
> [bloop] (Scott, if you think it's worth
> posting the code for this let me know) and any of the other things that
> stash files in /tmp can be attacked. Neil.
It seems that the code is almost trivial since most programs such as these
tend to operate along the same lines and we have already seen Scott's code...
:-) However, an extremely worthwhile thing to post would be a list of setuid
programs which make use of /tmp and are exploitable in the same manner. Or,
rather, potentially exploitable...
Does anyone have such a thing?
- Dan C.
